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- The MAILING DATE of this communication appears on the cover sheet with the correspondence address - 
Period for Reply 

A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) FROM 
THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1 . 1 36(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If the period for reply specified above is less than thirty (30) days, a reply within the statutory minimum of thirty (30) days will be considered timely. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 133). 
Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1.704(b). 

Status 

1 )□ Responsive to communication(s) filed on . 

2a)D This action is FINAL. 2b)K This action is non-final. 

3) D Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quayle, 1935 CD. 11, 453 O.G. 213. 

Disposition of Claims 

4) ^ Claim(s) 1 -5.7-13 and 15-17 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) Q Claim(s) is/are allowed. 

6) ^ Claim(s) 1-5.7-13 and 15-17 is/are rejected. 

7) ^ Claim(s) 6 and 14 is/are objected to. 

8) D Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) D The specification is objected to by the Examiner. 

10)D The drawing(s) filed on is/are: a)D accepted or b)D objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1 .85(a). 

Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1 .121(d). 
1 1 )□ The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-1 52. 
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12)D Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 1 19(a)-(d) or (f). 
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1 Certified copies of the priority documents have been received. 

2.Q Certified copies of the priority documents have been received in Application No. . 



3.D Copies of the certified copies of the priority documents have been received in this National Stage 
application from the International Bureau (PCT Rule 17.2(a)). 
See the attached detailed Office action for a list of the certified copies not received. 
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DETAILED ACTION 
Claim Rejections - 35 USC § 102 

1 . The following is a quotation of the appropriate paragraphs of 35 U.S.C. 1 02 that 
form the basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under section 122(b), by 
another filed in the United States before the invention by the applicant for patent or (2) a patent 
granted on an application for patent by another filed in the United States before the invention by the 
applicant for patent, except that an international application filed under the treaty defined in section 
351 (a) shall have the effects for purposes of this subsection of an application filed in the United States 
only if the international application designated the United States and was published under Article 21(2) 
of such treaty in the English language. 

2. Claims 1-5, 7-13, and 15-17 are rejected under 35 U.S.C. 102(e) as being 
unpatentable over Watson et al. (US 6,779,033). 

Watson et al. disclose claims : 
1 . A method of producing a blended synchronization (SYN) cookie for use in a three- 
way handshake process comprising the steps of: 

identifying within a SYN packet a source network address and desired communications 
session parameters (col. 6, lines 23-34); 

retrieving an index value into a table of pre-configured sets of communications session 
parameters, said index value referencing one of said sets which approximates said 
desired communications parameters (sequence number n; col.9, lines 7-22); 
computing a hash value based upon said source network address, a constant seed and 
current date and time data (col. 12, lines 16-44); and 

combining said computed hash value with said index value, said combination forming 
the blended SYN cookie (col. 12, lines 16-44). 
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2. The method of claim 1 , wherein said combining step comprises: reducing said 
computed hash value by N most significant binary digits to accommodate N binary digits 
required to represent said index value; and, combining said reduced hash value with 
said index value, said combination forming the blended SYN cookie (col. 12, lines 16- 
44). 

3. A three-way handshake method, the three-way handshake comprising an initial 
request, an intermediate response to the initial request, and a final acknowledgment of 
the intermediate response, the method comprising the steps of: 

extracting synchronization data from the initial request; storing said synchronization 
data in a fixed length, wrap-around table; based upon session parameters contained in 
said synchronization data, acquiring an index into a table of pre-configured sets of 
session parameters; computing an initial hash value based upon at least part of said 
synchronization data; combining said initial hash value and said acquired index and 
placing said combination into the intermediate response to the initial request; and, 
responsive to receiving the final acknowledgment of the intermediate response, 
extracting acknowledgment data from the final acknowledgment, identifying said initial 
hash value in said acknowledgment data, computing a new hash value based upon at 
least part of said acknowledgment data, comparing said new hash value with said initial 
hash value, and if said hash values do not match, discarding the final acknowledgment. 
(col.9, lines 7-22; col. 12, lines 16-44). 
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4. The three-way handshake method of claim 3, further comprising the step of, if said 
hash values match, locating said session parameters in said fixed length, wraparound 
table and establishing a communications session using said located session 
parameters, (col. 12, lines 16-44) 

5. The three-way handshake method of claim 4, further comprising the step of, if said 
session parameters cannot be located, identifying said acquired index in said 
acknowledgment data, retrieving a pre-configured set of communication parameters 
based upon said acquired index, and establishing a communications session using said 
located session parameters, (col. 12, lines 16-53) 

7. The three-way handshake method of claim 3, further comprising the steps of: 
observing said session parameters in said synchronization data; and, tuning said table 
of pre-configured sets of session parameters based upon said observed session 
parameters, (steps of fig. 15, repeating steps of 260-263) 

8. A communications handshake system comprising: a communications process 
configured to receive and respond to requests to establish data communications 
sessions, said requests comprising synchronization (SYN) packets and 
acknowledgment (ACK) packets; a fixed length, wrap-around table configured to store 
desired session parameters extracted from said SYN packets; a table of pre-configured 
session parameters which can be used to approximate said desired session 
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parameters; and, a blended SYN cookie generator configured to combine SYN cookies 
with an index into said table of pre-configured session parameters, said index 
referencing a set of pre-configured session parameters which approximate 
corresponding ones of said desired session parameters; whereby said communications 
process both can authenticate said ACK packets by comparing hash values contained 
in said SYN cookies with hash values generated in response to receiving said ACK 
packets, and also can establish said data communication sessions using said desired 
session parameters in said fixed length, wrap-around table, or said approximated 
session parameters where said desired session parameters are not found in said fixed 
length wrap-around table. (Claim 8 is similarly rejected as in claims 1 and 3) 

9. The communications handshake system of claim 8, further comprising a network 
address translator configured to perform network address translation between end- 
points in said established communications sessions, (col.9, lines 7-22; col. 12, lines 16- 
44). 

10. The communications handshake system of claim 8, wherein said SYN cookie 
comprises a hash value computed from a network address, a seed value and a date 
and time value, (col. 12, lines 16-43) 

1 1 . A machine readable storage having stored thereon a computer program for 
performing a three-way handshake method, the three-way handshake comprising an 
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initial request, an intermediate response to the initial request, and a final 
acknowledgment of the intermediate response, the computer program comprising a 
routine set of instructions for causing the machine to perform the steps of: extracting 
synchronization data from the initial request; storing said synchronization data in a fixed 
length, wrap-around table; based upon session parameters contained in said 
synchronization data, acquiring an index into a table of pre-configured sets of session 
parameters; computing an initial hash value based upon at least part of said 
synchronization data; combining said initial hash value and said acquired index and 
placing said combination into the intermediate response to the initial request; and, 
responsive to receiving the final acknowledgment of the intermediate response, 
extracting acknowledgment data from the final acknowledgment, identifying said initial 
hash value in said acknowledgment data, computing a new hash value based upon at 
least part of said acknowledgment data, comparing said new hash value with said initial 
hash value, and if said hash values do not match, discarding the final acknowledgment. 
(Claim 1 1 is similarly rejected as in claims 1 and 3) 

1 2. The machine readable storage of claim 1 1 , further comprising, if said hash values 
match, locating said session parameters in said fixed length, wrap-around table and 
establishing a communications session using said located session parameters. 

13. The machine readable storage of claim 12, further comprising, if said session 
parameters cannot be located, identifying said acquired index in said acknowledgment 
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data, retrieving a pre-configured set of communication parameters based upon said 
acquired index, and establishing a communications session using said located session 
parameters, (col. 12, lines 16-43) 



1 5. The machine readable storage of claim 1 1 , further comprising the steps of: 
observing said session parameters in said synchronization data; and, tuning said table 
of pre-configured sets of session parameters based upon said observed session 
parameters, (see method steps of fig.8) 



16. A blended SYN cookie article of manufacture, comprising: an index value into a 
table of pre-configured sets of communications session parameters, said index value 
referencing one of said sets which approximates specified communications parameters; 
and, a hash value combined with said index value, said hash value comprising a hash 
of a network address, a constant seed and current date and time data. (col. 12, lines 16- 
54) 



17. The blended SYN cookie article of manufacture of claim 16, wherein said hash 
value comprises the N most significant binary digits of said hash value, wherein N is 
computed based upon a number of binary digits required to represent said index value, 
(col. 12, lines 16-54) 
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Allowable Subject Matter 



3. Claims 6 and 14 are objected to as being dependent upon a rejected base claim, 
but would be allowable if rewritten in independent form including all of the limitations of 
the base claim and any intervening claims. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Jeffrey Pwu whose telephone number is 571-272-6798. 
The examiner can normally be reached on 8-6. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, David Wiley can be reached on 571-272-3923. The fax phone number for 
the organization where this application or proceeding is assigned is 703-872-9306. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). 




March 20, 2005 



JEFFREY PWU 
PRIMARY EXAMINER 



